From the "what-took-you-so-long" department comes word from Verisign that two-factor authentication technology will be built directly into credit cards, removing the need for consumers to carry around a separate gadget with constantly-changing numerical codes.

The company is expected to announce a deal with Innovative Card Technologies to equip banks and e-commerce sites with cards that work with VeriSign's password system.

With the card, consumers logging on to an online bank account, for instance, would type in their regular username and password, along with a six-digit code that appears on the card's display window. That code constantly changes, meaning the customer needs to have possession of the card to access the account.

...Banks and merchants participating in VeriSign's password network can share codes, so consumers wouldn't have to carry multiple cards and devices or even one of each.

Verisign said it expects to announce a major bank using its cards in May, and those would be compatible with services currently using devices. The company already has agreements with eBay, PayPal, Yahoo and Charles Schwab to issue the password-generating devices.